crans/openwrt-barrierbreaker
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
openwrt-barrierbreaker/package/libs/cyassl/patches/200-SSL_accept-handle-hello-garbage.patch
blogic 533282da86 cyassl: update to version 3.2.0 
This fixes a security problem:
Security fix for RSA Padding check vulnerability

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

Backport of r42526

git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@42614 3c298f89-4303-0410-b956-a3cf2f4a3e73
2014-09-18 15:24:45 +00:00

13 lines
581 B
Diff
Raw Blame History

--- a/src/internal.c
+++ b/src/internal.c
@@ -6037,6 +6037,10 @@ int ProcessReply(CYASSL* ssl)
b1 =
ssl->buffers.inputBuffer.buffer[ssl->buffers.inputBuffer.idx++];
ssl->curSize = (word16)(((b0 & 0x7f) << 8) | b1);
+
+ /* does not appear to a be a SSLv2 client hello */
+ if ( ssl->buffers.inputBuffer.buffer[ssl->buffers.inputBuffer.idx] != 1 )
+ return UNKNOWN_HANDSHAKE_TYPE;
}
else {
ssl->options.processReply = getRecordLayerHeader;
Reference in a new issue View git blame Copy permalink